>Number: 783
>Category: config
>Synopsis: RLimitMEM, RLimitCPU, hard limit ignored when userid is not 0
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: apache (Apache HTTP Project)
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Jun 25 05:50:01 1997
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.2
>Environment:
Apache 1.2 as released.
SunOS sandnews 5.5 Generic sun4m sparc SUNW,SPARCstation-20
gcc version 2.7.2.1
>Description:
If you are not running with userid 0 then a config option like this:
RLimitCPU 10 20
will give an error message:
Must be uid 0 to raise maximum
The logic used to generate that message is in error, because I am only trying
to lower the hard cpu limit to 20, not raise it. Non-root users are allowed
to do that.
>How-To-Repeat:
Just use RLimitCPU 10 20 with httpd started non-root.
>Fix:
Yes, here is the fix to the procedure set_rlimit in the file http_core.c
which I have applied at my site.
/* if we aren't running as root, cannot increase max */
if (geteuid()) {
limit->rlim_cur = cur;
if (max && limit->rlim_max && (max > limit->rlim_max))
log_printf(cmd->server, "Must be uid 0 to raise maximum %s",
cmd->cmd->name);
else if (max)
limit->rlim_max = max;
}
else {
if (cur)
limit->rlim_cur = cur;
if (max)
limit->rlim_max = max;
}
%0
>Audit-Trail:
>Unformatted:
